WhatsApp Flaw Allows Hackers to Intercept Conversations And Scam You
By: Jim Stickley and Tina Davis
October 2, 2018
That useful little chat tool, WhatsApp is in the news again. This product that allows users to chat, make phone calls, create group messages, and other useful things has a notable vulnerability. Researchers at Check Point figured out that if hackers take advantage of this flaw, they can intercept and manipulate messages that are sent between people individually or in group conversations. Why is this significant, you ask? Because it can be used for a variety of reasons not limited to spreading information or malware or for conducting scams.
The listed attacks so far include:
- Changing a reply from a user either in a private or group conversation.
- Using quoted messages from a conversation making it appear as if the intruder is legitimately in the group.
- Sending messages to group members pretending it’s a group message, but is actually only sent to one member. The response from that targeted member will be sent to a group.
People are more likely to fall for scams or click links if they think they are from someone familiar. So, if a bad actor can send messages making appear as if they are intended to be in a group, they can potentially scam a lot of people at once. In addition, WhatsApp (owned by Facebook) has over 1.5 billion users, per the data from Check Point. That’s as of early 2018. People send over 65 billion messages every single day using this product.
There are numerous security products that should be included in your overall cybersecurity strategy. And yes, even individuals should have one of those. Install anti-virus software, keep all software and operating systems updated with patches and make sure you have supported software at all times. Don’t believe everything you read on the Internet. If it’s too good to be true, it most likely is. Trust your instincts. Remember that just because you see a story or offer repeatedly on multiple places or websites, that doesn’t make it true. Do your own research before doing anything that may have significant bad consequences. Do your fact checking. It usually doesn’t take long to do a quick check to find out if something is truly bogus. Most of the time, the scams perpetrated on WhatsApp and other products like it are listed as scams before you even see them the first time. If someone has fallen for it, you will find it pretty quickly.
In addition, just use an abundance of caution when sharing information on WhatsApp or any social media site. These should not be considered secure platforms for sending sensitive information, such as your social security number or payment card information.
Because of its massive user base, WhatsApp can be used to reach a lot of people. It has already been used in supermarket scams where scammers promise supermarket vouchers in return for personal information, fake airline giveaway scams promising free airline tickets, and even for election tampering.